DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

95 new breaches in 2010 that didn’t make the news

Posted on April 16, 2010 by Dissent

The good folks over at the Identity Theft Resource Center recently posted a very gracious thank-you to me and this site for helping track data breaches. I suspect that they’ll be pulling their hair out this weekend, though. 🙂

In addition to the 100 previously unreported breaches from 2009 that I posted here today, here are another 95 breach reports that were received by NYS between January 1, 2010 and April 12, 2010 and that we didn’t already know about. The following are organized by sectors. As always, if you spot any errors or corrections, please let me know by using the Comments section on this site.

Of particular note in this batch, it appears that the Tropical Supermarket chain was hacked.   Since these reports were first received April 12, there may be more to come.

Healthcare Sector: 6 reports:

  • Health Net – Inadvertent disclosure – 18
  • Harlem Hospital – Unauthorized access – 1,034
  • Brookhaven Memorial Hospital Medical Center – Stolen computer – 38
  • Blue Cross Blue Shield of Western NY – Inadvertent disclosure – 1
  • Blue Cross Blue Shield of Western NY – Inadvertent disclosure – 1
  • Blue Cross Blue Shield of Western NY – Inadvertent disclosure- 20

Financial Sector: 27 reports

  • Oppenheimer Funds – Inadvertent disclosure – 2
  • Oppenheimer Funds –  Inadvertent disclosure – 1
  • Oppenheimer Funds – Inadvertent disclosure – 1
  • HSBC – Fraudulent access – 1
  • USAA Federal Savings Bank – Vendor incident – 1
  • Experian – Unauthorized access – 3
  • Chemung Canal Trust Company – Unauthorized access – 1
  • Sovereign Bank – Unauthorized access – 3
  • JP Morgan Chase Bank NA – Insider wrongdoing – 46
  • Primerica – Stolen computer – 3
  • ING Funds – Inadvertent disclosure – 11
  • Ameriprise Financial, Inc. – Insider wrongdoing – 1
  • Ameriprise Financial, Inc. – Lost computer – 1
  • Equifax Inc. – Hacking – 4
  • Equifax – Inadvertent disclosure – 35
  • Equifax Information Services LLC – Hacking – 1
  • Goldman Sachs & Co. – Insider wrongdoing – 1
  • Riggs Capital Management LLC – Hacking – 1
  • Raymond James FInancial – Inadvertent disclosure – 1
  • Morgan Stanley Smith Barney – Hacking – 11
  • Morgan Stanley Smith Barney–  Lost computer – 14
  • Nationwide Bank – Inadvertent disclosure-  62
  • Chase Bank USA, N.A. – Unauthorized access – 187
  • Fidelity Investments – Inadvertent disclosure – 18
  • Agway Liquidating Trust – Inadvertent disclosure – 4,400
  • BNY Mellon Shareowner Services –  Inadvertent disclosure – 2
  • The Vanguard Group, Inc. –  Inadvertent disclosure – 1

Business Sector:  47 reports:

  • STJ Orthotic Services – Stolen computer – 12
  • T-Mobile – Insider wrongdoing – 1
  • Paraco Gas Corporation – Stolen computer – 241
  • General Motors Company – Inadvertent disclosure – 64
  • State Farm Automobile Insurance Company – Insider wrongdoing – 1
  • State Farm Automobile Insurance Company – Insider wrongdoing – 10
  • Ann Taylor Stores Corp – Insider wrongdoing – 1
  • Eisner LLP – Stolen computer – 40
  • The Clay Store – Hacking – 1
  • Tropical Supermarket #4 – Hacking – 1
  • Tropical Supermarket #11/#15 – Hacking – 2
  • Tropical Supermarket #13 – Hacking – 7
  • Tropical Supermarket #14 – Hacking – 3
  • MAF Background Screening – Stolen computer –  15
  • At Once Wedding and Party Supplies – Hacking – 23
  • Wedge Corporation – Hacking – 1
  • Pro-Assurant Mid-Continent Underwriters – Hacking  – 1
  • Point Artworks – Stolen computer –  1
  • Building Media, Inc. – Hacking – 81
  • Amgen Inc. – Inadvertent disclosure – 4
  • News America Incorporated – Inadvertent disclosure – 9
  • Ahold USA – Lost DVDs – 329
  • Gap, Inc. – Insider  wrongdoing – 18
  • iHomeaudio.com – Hacking – 70
  • SDI Technologies – Hacking – 876
  • ING Life Insurance – Inadvertent disclosure – 4
  • SportDOG – Hacking – 15
  • Fox Television Animation – Stolen computer – 48
  • Metropolitan Life Insurance Co. – Insider wrongdoing – 21
  • Currier Plastics – Hacking – 110
  • NBC/Universal – Stolen computer – 22
  • Ann Moore’s – Hacking – 11
  • Fleet Filter – Hacking – 2
  • Beecher Carlson Insurance Services – Stolen computer – 2,824
  • Shufelt Inc dba Fantastic Sams – Hacking – 600
  • ValueVision Media d/b/a ShopNBC – Insider wrongdoing – 5
  • Value Vision Media d/b/a ShopNBC – Insider wrongdoing – 4
  • J. Crew Group –  Insider wrongdoing – 1
  • Beer & Hobby – Hacking – 42
  • City Bar Solas – Hacking – 1
  • Cobblestone Restaurant – Hacking – 1
  • Ned Devine’s Paris – Hacking – 12
  • The Green Briar – Hacking – 1
  • The Harp – Hacking – 1
  • Trump International Beach Resort – Hacking – 28
  • MJ O’Connors – Hacking – 10

Related posts:

  • 100 more breaches you probably never knew about in 2009
  • Commentary: Repeated insider breaches at TD Bank should trigger federal regulator investigation (update 1)
  • Blue Cross of Idaho Notice of Privacy Breach
  • Yet another mailing error from Blue Cross Blue Shield of Florida?
Category: Breach IncidentsBusiness SectorEducation SectorExposureFinancial SectorGovernment SectorHackHealth DataInsiderLost or MissingOf NoteOtherPaperSubcontractorTheftU.S.Unauthorized Access

Post navigation

← 100 more breaches you probably never knew about in 2009
Previously unreported breaches in the healthcare sector →

2 thoughts on “95 new breaches in 2010 that didn’t make the news”

  1. Golde says:
    April 23, 2010 at 3:16 pm

    Between this latest reveal, HHS and the MD AG’s office reporting information late, all data pertaining to information discovered in print in 2010 will be completely skewed. I seriously doubt that any number of breaches reported are in any manner the total number of breaches. The only true data will be paper vs electronic, type of theft and the category of the entity. And look at the number of “records/individuals” reported. A hacking that only took information of one person – be serious! This is only those in NY and not in other states that are still not reporting. If this latest revelation about notification to states hasn’t made you angry, then you just don’t get it. How many breaches are being hidden from the public? How many decide not to report because they don’t think there is risk of harm? Shouldn’t someone with authority decide risk of harm.

    1. admin says:
      April 23, 2010 at 3:24 pm

      I agree with much of what you say, of course.

      I don’t even know that paper vs. electronic will be valid, Golde, because some states don’t require notification to state if the breach involves paper records. And HHS isn’t telling us whether there are any financial or SSN records involved in the breaches that are posted to their OCR site — all we know there is that somehow “unsecured PHI” is involved.

      If I had my druthers, all breaches involving PII and/or PHI would be reported to states and all states would upload the breach reports they receive. Of course, we’d need a federal law and a federal definition of PII. Imagine how the lobbyists would be scrambling like mad if a serious bill to do that were introduced that didn’t contain a gadzillion loopholes….

Comments are closed.

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Ex-student charged with wave of cyber attacks on Sydney uni
  • Detaining Hackers Before the Crime? Tamil Nadu’s Supreme Court Approves Preventive Custody for Cyber Offenders
  • Potential Cyberattack Scrambles Columbia University Computer Systems
  • 222,000 customer records allegedly from Manhattan Parking Group leaked
  • Breaches have consequences (sometimes) (1)
  • Kansas City Man Pleads Guilty for Hacking a Non-Profit
  • British national “IntelBroker” charged with causing $25 million in damages; U.S. seeks his extradition from France
  • France issues press statement about arrest of ShinyHunters members
  • Patients Allege Home Delivery Pharmacy Failed to Timely Notify Them of Data Breach
  • Hackers breach Norwegian dam, open valve at full capacity

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Microsoft’s Departing Privacy Chief Calls for Regulator Outreach
  • Nestle USA Settles Suit Over Job-Application Medical Questions
  • NY Attorney General James Affirms Hospitals Must Provide Access to Emergency Abortion Care
  • How Internet of Things devices affect your privacy – even when they’re not yours
  • Sky Views Personal Data as a Potential Weapon in IPTV Piracy War
  • Florida Used a Nationwide Surveillance Camera Network 250 Times To Aid in Immigration Arrests
  • Federal Court Strikes Down HIPAA Reproductive Health Care Privacy Rule

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.